Let’s Encrypt is a free SSL certificate provider and verifier. It is becoming more and more popular among small website owners. Even NASA is using it for some of it’s smaller sites (i.e. 3000 different sites) thus, you are in safe hands using them.
To start with, you will need a Linux web hosting account with cPanel to install the certificate.
Go to https://zerossl.com/free-ssl/#crt
Enter email address (for renewal reminders)
On the right-hand side, you have a field called “Domains”, add your domain to this. Include mydomain.com and www.mydomain.com. (Don’t include http:// or https://)
How to Install a Free SSL on a Shared Web Host
Accept both terms via checkboxes at the bottom, then click “NEXT”
Once CSR is generated (takes a minute), download a copy
Click “NEXT” again to generate account key, then download a copy
ssl2
Click “NEXT” to go to the Verification page
Download the verification text files
ssl3
Head to your cPanel and click on File manager and go to your root folder. (If you are doing this for an addon domain, then just go to the root of that domain. TIP: it is wherever your index.html or index.php for that domain is.)
Go to webroot/.well-known directory, where webroot is the main directory with your website pages and create a folder named 'acme-challenge' in .well-known.
Upload the verification text files to the webroot/.well-known/acme-challenge/ directory.
Click “NEXT” to reach the “Your Certificate is Ready!” page.
ssl6
Download backup copies of the two files.
Go to cPanel, scroll down to SECURITY and click “SSL/TLS”.
Scroll down and click “Manage SSL sites”.
ssl4
Scroll down to “Install an SSL Website” and select the appropriate domain
ssl5
Return to ZeroSSL, copy the top “Begin Certificate” and paste it on the Certificate: (CRT) field (first one).
You just pasted TWO entries. Scroll to the bottom of what you pasted, select from the lowest “ — -END CERTIFICATE — -“ up to the lowest “ — -BEGIN CERTIFICATE — -“ and paste that “CABUNDLE” field.
Copy the Private Key from the 2nd ZeroSSL field and paste it in the middle “Private Key” field.
Click “Install Certificate” button at the bottom.
Now, the installation of the certificate is complete, however, you will need to create a rule to redirect your site to https:// instead of http://. This is easily achieved by adding a bit of code into the .htaccess (Hypertext Access) file. Follow the simple steps outlined below:
Go to Cpanel and click on the file manager.
On the root folder, create a new file called “.htaccess”. You might have this file already, in that case, edit that file.
htaccess1
Insert the following lines of code into the .htaccess file and save the changes.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
htaccess2
Test whether it worked by typing http://mydomain.com. It should change to https://mydomain.com automatically.
Important: Remember to update the SSL certificate every 90 days.
